toml-rs/toml-rs

Should not panic for invalid output

nagisa opened this issue · 2 comments

Testing out our new fuzzing.

Within milliseconds it makes the fuzz script which tests decoding:

```rust
// Fuzz target: hand the raw fuzzer bytes to the TOML decoder and discard the result.
#[export_name="rust_fuzzer_test_input"]
pub extern fn go(data: &[u8]) {
    let _: Result<toml::Value, _> = toml::from_slice(data);
}
```

fail on this input: 0x27,0x27 (base64: Jyc=) with the following panic message:

```
thread '<unnamed>' panicked at 'assertion failed: s.len() < self.input.len()', toml-rs/src/tokens.rs:383
note: Run with `RUST_BACKTRACE=1` for a backtrace.
```

Arguably, deserialization or serialization should never panic :)

Some other inputs that cause the same failure:

0x22,0x22 (base64: IiI=)
0x27,0x2d,0x2d,0x2d,0x6d,0x2d,0x3a,0x2d,0x27 (Jy0tLW0tOi0n)
0x27,0x23,0x27 (JyMn)

Thanks for the report!
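A regression check for the four inputs reported above, as an added example that is not part of the issue or of toml-rs: it runs a decoder over the inputs under `catch_unwind` and lists every input that panics, with the panic message. `find_panics` and both decoders are hypothetical stand-ins so the block runs without the `toml` crate; to check the real decoder, pass a closure that calls `toml::from_slice` as in the fuzz target.

```rust
use std::panic::{self, AssertUnwindSafe};

/// The four crashing inputs quoted in the report above.
const REPORTED: [&[u8]; 4] = [
    &[0x27, 0x27],
    &[0x22, 0x22],
    &[0x27, 0x2d, 0x2d, 0x2d, 0x6d, 0x2d, 0x3a, 0x2d, 0x27],
    &[0x27, 0x23, 0x27],
];

/// Run `decode` on every input; return (index, panic message) for each
/// input that made it panic instead of returning.
fn find_panics<F: Fn(&[u8])>(decode: F, inputs: &[&[u8]]) -> Vec<(usize, String)> {
    let mut failures = Vec::new();
    for (i, &input) in inputs.iter().enumerate() {
        if let Err(payload) = panic::catch_unwind(AssertUnwindSafe(|| decode(input))) {
            // Panic payloads are normally &str (literal) or String (formatted).
            let msg = payload
                .downcast_ref::<&str>()
                .map(|s| s.to_string())
                .or_else(|| payload.downcast_ref::<String>().cloned())
                .unwrap_or_else(|| "<non-string panic payload>".to_string());
            failures.push((i, msg));
        }
    }
    failures
}

/// Hypothetical stand-in: a decoder guarding an invariant with assert! (not toml-rs code).
fn asserting_decoder(data: &[u8]) {
    assert!(!matches!(data.first(), Some(b'\'') | Some(b'"')), "quote at start");
}

/// Hypothetical stand-in: the same condition reported through Result instead.
fn checked_decoder(data: &[u8]) -> Result<(), &'static str> {
    match data.first() {
        Some(b'\'') | Some(b'"') => Err("unexpected quote"),
        _ => Ok(()),
    }
}

fn main() {
    let bad = find_panics(asserting_decoder, &REPORTED);
    println!("asserting decoder panicked on {} of {} inputs", bad.len(), REPORTED.len());
    let ok = find_panics(|d| { let _ = checked_decoder(d); }, &REPORTED);
    println!("checked decoder panicked on {} inputs", ok.len());
}
```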